Time and State |
Category ID: 361 (Category) | Status: Incomplete |
Description Summary
Extended Description
Distributed computation is about time and state. That is, in order for more than one component to communicate, state must be shared, and all that takes time. Most programmers anthropomorphize their work. They think about one thread of control carrying out the entire program in the same way they would if they had to do the job themselves. Modern computers, however, switch between tasks very quickly, and in multi-core, multi-CPU, or distributed systems, two events may take place at exactly the same time. Defects rush to fill the gap between the programmer's model of how a program executes and what happens in reality. These defects are related to unexpected interactions between threads, processes, time, and information. These interactions happen through shared state: semaphores, variables, the file system, and, basically, anything that can store information.
Nature | Type | ID | Name | View(s) this relationship pertains to |
---|---|---|---|---|
ChildOf | Category | 18 | Source Code | Development Concepts (primary)699 |
ParentOf | Weakness Class | 362 | Race Condition | Development Concepts (primary)699 |
ParentOf | Weakness Base | 364 | Signal Handler Race Condition | Seven Pernicious Kingdoms (primary)700 |
ParentOf | Weakness Base | 367 | Time-of-check Time-of-use (TOCTOU) Race Condition | Seven Pernicious Kingdoms (primary)700 |
ParentOf | Category | 371 | State Issues | Development Concepts (primary)699 |
ParentOf | Category | 376 | Temporary File Issues | Development Concepts (primary)699 Seven Pernicious Kingdoms (primary)700 |
ParentOf | Weakness Base | 377 | Insecure Temporary File | Seven Pernicious Kingdoms (primary)700 |
ParentOf | Category | 380 | Technology-Specific Time and State Issues | Development Concepts (primary)699 |
ParentOf | Weakness Variant | 382 | J2EE Bad Practices: Use of System.exit() | Seven Pernicious Kingdoms (primary)700 |
ParentOf | Weakness Variant | 383 | J2EE Bad Practices: Direct Use of Threads | Seven Pernicious Kingdoms (primary)700 |
ParentOf | Compound Element: Composite | 384 | Session Fixation | Development Concepts (primary)699 Seven Pernicious Kingdoms (primary)700 |
ParentOf | Weakness Base | 385 | Covert Timing Channel | Development Concepts (primary)699 |
ParentOf | Weakness Base | 386 | Symbolic Name not Mapping to Correct Object | Development Concepts (primary)699 |
ParentOf | Category | 387 | Signal Errors | Development Concepts (primary)699 |
ParentOf | Weakness Base | 412 | Unrestricted Externally Accessible Lock | Development Concepts (primary)699 Seven Pernicious Kingdoms (primary)700 |
ParentOf | Category | 557 | Concurrency Issues | Development Concepts (primary)699 |
ParentOf | Weakness Base | 609 | Double-Checked Locking | Development Concepts (primary)699 |
ParentOf | Weakness Base | 613 | Insufficient Session Expiration | Development Concepts (primary)699 |
ParentOf | Weakness Base | 662 | Insufficient Synchronization | Development Concepts (primary)699 |
ParentOf | Weakness Base | 663 | Use of a Non-reentrant Function in an Unsynchronized Context | Development Concepts (primary)699 |
ParentOf | Weakness Class | 664 | Improper Control of a Resource Through its Lifetime | Development Concepts (primary)699 |
ParentOf | Weakness Class | 668 | Exposure of Resource to Wrong Sphere | Development Concepts (primary)699 |
ParentOf | Weakness Class | 669 | Incorrect Resource Transfer Between Spheres | Development Concepts (primary)699 |
ParentOf | Weakness Base | 672 | Operation on a Resource after Expiration or Release | Development Concepts (primary)699 |
ParentOf | Weakness Class | 673 | External Influence of Sphere Definition | Development Concepts (primary)699 |
ParentOf | Weakness Base | 674 | Uncontrolled Recursion | Development Concepts (primary)699 |
ParentOf | Weakness Base | 698 | Redirect Without Exit | Development Concepts (primary)699 |
MemberOf | View | 700 | Seven Pernicious Kingdoms | Seven Pernicious Kingdoms (primary)700 |
CAPEC-ID | Attack Pattern Name | (CAPEC Version: 1.4) |
---|---|---|
61 | Session Fixation |